Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r86yty28MxrFnaXBSGUwLBT7lF4.roa
File: r86yty28MxrFnaXBSGUwLBT7lF4.roa (raw, json)
Hash identifier: bPMHvl07Rc7iejpTg+HOFX5GGmCNcQboSV6m9XPrmOs=
Subject key identifier: AF:CE:B2:B7:2D:BC:33:1A:C5:9D:A5:C1:48:65:30:2C:14:FB:94:5E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 88572941
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r86yty28MxrFnaXBSGUwLBT7lF4.roa
Signing time: Mon 30 May 2022 02:09:13 +0000
ROA not before: Mon 30 May 2022 02:09:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
2001:67c:64:ffff:0:180:ff9c:1e7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2287413569 (0x88572941)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 30 02:09:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afceb2b72dbc331ac59da5c14865302c14fb945e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:27:29:5e:72:e0:3f:b8:79:38:66:3b:80:bb:
e6:7f:16:8a:66:41:24:55:e8:46:53:db:5c:c3:a1:
5a:fa:01:54:63:0c:a6:29:1d:bc:91:d9:12:44:3b:
80:90:4e:91:e5:ae:24:34:ba:0e:7d:22:66:68:07:
a1:f8:b2:95:2b:29:5d:5d:f0:bd:55:0a:d0:2f:7a:
de:8d:7a:8b:3f:62:a1:0f:bf:0a:10:5a:b5:ad:78:
83:07:a1:5d:33:b8:d1:7f:18:6d:fe:b2:e1:73:21:
97:b2:95:9c:ed:34:4e:41:bc:2b:02:86:99:35:ce:
ef:50:87:86:78:9e:13:c0:0b:ba:09:38:47:ac:61:
3b:27:23:47:eb:13:97:cf:b8:2d:74:01:84:08:e8:
51:36:e7:6c:9c:6c:3a:76:94:6e:8c:58:c6:47:ca:
56:38:fd:d6:2f:a6:f8:ae:d0:b7:5b:25:b1:05:6e:
1b:8d:0d:f5:9c:19:dd:61:87:9a:fb:d3:bc:91:20:
8d:f8:c1:fa:eb:e3:0e:e7:9e:74:dc:42:17:ac:00:
24:60:a7:78:ac:ba:7e:7f:4a:fb:58:f7:86:1e:2e:
d7:93:09:82:d3:a3:dc:6a:74:62:65:78:78:11:59:
73:04:d4:eb:15:8c:45:94:d0:b0:0d:4e:8b:72:44:
e4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CE:B2:B7:2D:BC:33:1A:C5:9D:A5:C1:48:65:30:2C:14:FB:94:5E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r86yty28MxrFnaXBSGUwLBT7lF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:72:a6:cb:ef:28:e0:c3:2b:bf:c7:a9:c0:d9:10:5a:51:8a:
9d:8e:01:f1:be:13:5e:10:fc:c4:25:9a:b5:31:51:64:b8:40:
7e:e7:10:25:e7:84:77:08:d8:ee:6e:54:6b:56:34:d7:e2:d0:
6f:b0:cb:a5:a0:10:29:b9:fa:41:b0:29:ec:9e:b4:25:4d:3e:
16:47:80:fe:d7:0e:b0:a7:48:5b:21:dc:b8:4e:cb:fb:ca:ff:
fa:0c:b0:e8:e7:e2:a5:72:04:f2:a5:e3:00:7b:28:00:4f:f2:
fe:7c:c4:8f:77:e6:a8:c5:94:d8:60:0f:f8:d2:19:46:54:12:
0e:89:28:61:2c:fc:95:78:c3:d6:af:ed:af:a2:ca:fa:0e:18:
87:2e:86:8a:92:08:32:ab:df:8b:e0:31:08:21:e5:a5:f0:3e:
a7:ae:66:38:04:87:9e:90:87:8e:d3:71:d1:a5:38:a8:6e:6f:
59:99:4e:ca:f2:22:b3:c0:1a:4a:dc:75:5a:c9:a1:96:38:a9:
4e:ee:95:1d:5f:ec:5b:bc:a9:c6:4d:4f:45:91:d5:4a:a6:b7:
60:06:1a:63:ca:d0:83:6e:91:be:1f:ae:13:2f:0a:f5:a1:cc:
78:09:47:da:a3:ff:69:18:45:2e:12:e1:b6:82:4b:5a:be:c1:
c8:89:53:72
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIhXKUEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MzAwMjA5MTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGFmY2ViMmI3MmRi
YzMzMWFjNTlkYTVjMTQ4NjUzMDJjMTRmYjk0NWUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7JylecuA/uHk4ZjuAu+Z/FopmQSRV6EZT21zDoVr6AVRj
DKYpHbyR2RJEO4CQTpHlriQ0ug59ImZoB6H4spUrKV1d8L1VCtAvet6Neos/YqEP
vwoQWrWteIMHoV0zuNF/GG3+suFzIZeylZztNE5BvCsChpk1zu9Qh4Z4nhPAC7oJ
OEesYTsnI0frE5fPuC10AYQI6FE252ycbDp2lG6MWMZHylY4/dYvpviu0LdbJbEF
bhuNDfWcGd1hh5r707yRII34wfrr4w7nnnTcQhesACRgp3isun5/SvtY94YeLteT
CYLTo9xqdGJleHgRWXME1OsVjEWU0LANTotyROSLAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUr86yty28MxrFnaXBSGUwLBT7lF4wHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9yODZ5dHkyOE14ckZuYVhCU0dVd0xCVDdsRjQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAd3Kmy+8o4MMrv8epwNkQWlGKnY4B8b4TXhD8
xCWatTFRZLhAfucQJeeEdwjY7m5Ua1Y01+LQb7DLpaAQKbn6QbAp7J60JU0+FkeA
/tcOsKdIWyHcuE7L+8r/+gyw6OfipXIE8qXjAHsoAE/y/nzEj3fmqMWU2GAP+NIZ
RlQSDokoYSz8lXjD1q/tr6LK+g4Yhy6GipIIMqvfi+AxCCHlpfA+p65mOASHnpCH
jtNx0aU4qG5vWZlOyvIis8AaStx1WsmhljipTu6VHV/sW7ypxk1PRZHVSqa3YAYa
Y8rQg26Rvh+uEy8K9aHMeAlH2qP/aRhFLhLhtoJLWr7ByIlTcg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:14 2025 by rpki-client